估計損失高達-19-億英鎊,為英國歷來之最.jpg)
British car manufacturer Jaguar Land Rover (JLR) was hacked in early September this year, resulting in an immediate shutdown of the plant, and production did not resume until October 8 this year, a shutdown of more than a month. The Cyber Monitoring Centre (CMC), which specializes in monitoring, classifying and rating major cyber incidents in the United Kingdom, estimated on Wednesday (October 22) that the economic losses caused by this incident amounted to 1.9 billion pounds sterling, which is the most serious security incident in the United Kingdom's history, with the vast majority of the losses originating from the production disruption of JLR and its suppliers.
According to an analysis by Treblle, a company founded in Croatia in 2021 and specializing in the development of API lifecycle platforms, JLR discovered that its information system had been compromised around September 1. Initial investigations showed that the hackers, posing as insiders, launched phishing attacks on other employees and stole login credentials, and at the same time, they also obtained leaked credentials from the black market, and then used the credentials to penetrate horizontally through JLR's systems. The hackers then used various types of credentials to infiltrate the JLR system horizontally and paralyze the system with destructive malware and ransomware. Meanwhile, the hacker group Scattered Lapsus$ Hunters also claimed the attack on Telegram.
CMC estimates that the incident has cost the UK £1.9 billion in economic losses, affecting more than 5,000 UK organizations, which could rise further if operational technology is seriously affected or production recovery is delayed.
The economic losses calculated by CMC include the loss of JLR's business interruption (a five-week shutdown of its main plant, averaging 5,000 units per week), the cost of data forensics and system rebuilding, the loss of thousands of suppliers in the supply chain, the decline in sales and brand loyalty, and downstream industries such as maintenance, transportation, and exports, as well as the impact of wage cuts for JLR's employees and the impact on the local economy. However, CMC's calculations do not include losses related to data leakage and ransom payments.
The Centre has a five-tier classification mechanism to assess the overall economic and social impact of a cyber incident in the U.K. The JLR incident, although the highest economic loss ever recorded in the U.K., was only a Tier 3 systemic incident, affecting more than 2,700 organizations and with a loss of between £1 billion and £5 billion. A higher level 4 incident would be cross-sectoral and cost more than £5 billion, while a level 5 incident would be a national crisis involving critical infrastructure and threatening national or public safety.
Source:
https://www.ithome.com.tw/news/171829
